Good article on Salted Password Hashing

Everything else that doesn't fall into one of the other PB categories.
Post Reply
User avatar
RichAlgeni
Addict
Addict
Posts: 935
Joined: Wed Sep 22, 2010 1:50 am
Location: Bradenton, FL

Good article on Salted Password Hashing

Post by RichAlgeni »

'The correct way'

http://crackstation.net/hashing-security.htm

The article describes using 'slow' encryption, to foil hackers. For a much older system I wrote, I just put in a incremental delay for each incorrect password.
Top
User avatar
skywalk
Addict
Addict
Posts: 4220
Joined: Wed Dec 23, 2009 10:14 pm
Location: Boston, MA

Re: Good article on Salted Password Hashing

Post by skywalk »

Thanks.
Is a native SHA256 hash planned for PB?
I know there are some ASM versions posted here and the German forum.
The nice thing about standards is there are so many to choose from. ~ Andrew Tanenbaum
Top
User avatar
RichAlgeni
Addict
Addict
Posts: 935
Joined: Wed Sep 22, 2010 1:50 am
Location: Bradenton, FL

Re: Good article on Salted Password Hashing

Post by RichAlgeni »

I've used the assembler version from the fine folks who haunt the Assembler forum.
Top
buddymatkona
Enthusiast
Enthusiast
Posts: 252
Joined: Mon Aug 16, 2010 4:29 am

Re: Good article on Salted Password Hashing

Post by buddymatkona »

Interesting article. Thanks. I have always wondered why wrong password entry was so often followed by a simple "Try Again".
Failure should be the trigger to introduce slow methods such as a CAPTCHA code before the next guess.
Top
Post Reply

Return to “General Discussion”